IT Stuff

Main menu

Tag Archives: installation

Update (Automated Installation):
I’ve created an automated installation(click-‘n-go) to install the full node and some additional add-ons (Monitoring Graphs, alerts and IOTA peer manager).
It includes extensive documentation on subjects such as security hardening and troubleshooting. I recommend to use it to get you up and running:

For anyone interested in running an IOTA fullnode on Centos, here are the steps I’ve taken to get it working nicely. I guess this should also work for any other RedHat based systems.
Some basic understanding of linux is required.

Note that this installation does not make use of Docker, so IRI runs directly on the system.
While there are some advantages running IRI in Docker, it is only optional.
(Sorry, still didn’t have the time to write a tutorial on installing IRI with Docker).

Install Epel

Install requirements:

1

yum install epel-release-y

Install IRI

Install maven (also libappindicator, java and git if you don’t have)

1

$sudo yum install maven git java-1.8.0libappindicator

Choose a location where you want to install and run iri in.
In this example I chose /var/lib/iri but it can also be located elsewhere (like under /opt).

1

2

3

4

5

# cd /var/lib

# git clone https://github.com/iotaledger/iri

# cd iri

# mvn clean compile

# mvn package

Note that I ran the above commands as root — because I am lazy (which is typically discouraged). You can run those commands as a privileged user prefixing the commands with ‘sudo’ where needed.

Now that iri is installed we can proceed to create a user and configure some files.

Configure

User and Home Directory

Let’s start by adding a user under which iri will run:

1

# useradd -s /sbin/nologin -M -d /var/lib/iri iri

Now we can chown the entire home directory recursively and set correct permissions:

I chose to use command-line startup arguments, but you can also use a config.ini file as mentioned in the link above. You will have to provide the config file in the systemd drop-in file which is shown here below.

Neighbors List

A word about the neighbors list:

At this point you should already have at least one neighbor to add to the list. You can, at any time, add neighbors to the daemon while it is running using API commands. If you’ve added neighbors during run-time you should also add them to the IRI_NEIGHBORS list in /etc/sysconfig/iri so they are kept across restarts/reboots etc.

Systemctl

Next we can create a systemd drop-in file to control iri’s process.
We create it in /usr/lib/systemd/system/iri.service:

Next we need to reload systemctl to read the new drop-in file, enable the service and start it up:

1

2

3

# systemctl daemon-reload

# systemctl enable iri.service

# systemctl start iri.service

Firewall

Depending on the ports you are going to use, you need to allow them through the firewall. By default the ports 15600/tcp and 14600/udp are used for peer communication.
I am using firewalld to control iptables. If you are using the default iptables you can search on the web how to enable the specific ports and keep the configuration persist across reboots/restarts.

Let’s say we want to allow neighbors connect to the default tcp and udp ports, we will issue:

You can also add the 14265/tcp if you chose to use the –remote startup option.
For security reasons I am keeping my 14265/tcp to listen only on localhost and if needed I do some SSH port forwarding to allow me to connect to it.

Verify

There are a few ways to verify everything is up and running.
First check the status of the daemon, you should see something like this (shoud be Active: active). Also look if any errors or if service exited for some reason.